We have signed our product installation using SignTool.exe and GoDaddy certificate, and our signature appears valid in windows and using "verify" option of SignTool. However, when the file is downloaded in Internet Explorer 9, it reports that "The signature of is corrupt or invalid".
We obviously don't want our users to have problems with installation of our setup, so I need help in fixing it. Strange that there is basically no help on this issue online.
I've discovered through trial and error that this is caused by a Windows update that breaks IE:
Cumulative Security Update for Internet Explorer (2870699) - published Sept. 10, 2013
http://support.microsoft.com/kb/2870699
http://technet.microsoft.com/en-us/security/bulletin/ms13-069
I installed all of the latest updates and was able to reproduce the problem. I then uninstalled this single update and it fixed the problem. I then reinstalled the update and it was broken again.
This is bad!